From ea18e2cb4bb1e08ea0a82fd6e175f01c092f235e Mon Sep 17 00:00:00 2001
From: Lantizia <s.maddox@lantizia.me.uk>
Date: Thu, 6 Jun 2024 13:35:09 +0100
Subject: [PATCH] Due to CVE-2023-25690 Apache httpd will error AH10411 if
 spaces aren't escaped (e.g. in photo filenames)

---
 modules/gallery/helpers/access.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php
index 62e4e10a6..7be6b3e0c 100644
--- a/modules/gallery/helpers/access.php
+++ b/modules/gallery/helpers/access.php
@@ -695,7 +695,7 @@ static function update_htaccess_files($album, $group, $perm_name, $value) {
         $fp = fopen("$dir/.htaccess", "w+");
         fwrite($fp, "<IfModule mod_rewrite.c>\n");
         fwrite($fp, "  RewriteEngine On\n");
-        fwrite($fp, "  RewriteRule (.*) $base_url/\$1 [L]\n");
+        fwrite($fp, "  RewriteRule (.*) $base_url/\$1 [B,L]\n");
         fwrite($fp, "</IfModule>\n");
         fwrite($fp, "<IfModule !mod_rewrite.c>\n");
         fwrite($fp, "  Order Deny,Allow\n");